I've worked on various parts of Google+, including the home stream, notifications, and search. I was born in Stuttgart (Germany) but grew up in San Diego (California). My parents are both computer sc ...
September 18, 2021
WAFs can't protect APIs, but they try anyway
Web Application Firewalls (WAFs) have been around since the early 2000s when OWASP released their first Top 10 list of web application vulnerabilities. ...
September 18, 2021
APIs Are Not Web Applications, They're Microservices!
The other problem with SAST is that it was designed to be used against monolithic web applications, which have a single entry point (typically ...
September 18, 2021
API Security Testing is more complex than SAST
SAST works by examining the source code of an application to determine where it may be vulnerable to external attack, but this does not take into accoun ...
September 18, 2021
The typical approach to a web application vulnerability assessment involves scanning the codebase, creating a model and then running this against an automated scanner such as Burp Suite or ZAP. This p ...
September 17, 2021
The first volume, "API Design", teaches you the basics of designing APIs for your business or startup. tl;dr: The second volume, "API Security", teaches you about the most critical security risks in AP ...
September 17, 2021
In fact, it's very common to see unauthenticated APIs. From incidents like mHealth apps, Panera Bread, Fiserv, LifeLock, Kay Jewelers and several others, API security had remained a crucial factor. T ...
September 17, 2021
I've been thinking about this for a while, but I finally got around to making it last week. It was inspired by the "What Happened" feature on Facebook, which shows you all of the posts and photos that ...
September 17, 2021